pippinfandomcom-20200213-history
PippinAuthenticationFile
PippinAuthenticationFile is a file that contains a digital signature for authentication of officially-released CD-ROM titles for Pippin consoles.Exploring the Pippin ROM(s), part 6: Back in the ‘rvpr’ by Keith Kaisershot, Blitter.net. 2019-02-17. The RSA keys used in the verification process of the file were discovered and published in May 2019.Exploring the Pippin ROM(s), part 7: A lot to digest by Keith Kaisershot, Blitter.net. 2019-05-04. File structure Each CD-ROM officially published for Pippin consoles by Bandai Digital Entertainment contains a PippinAuthenticationFile in the root directory of the boot volume. The file contains: "Message" portion Header :* Signature location / offset (4 bytes) :* Authentication file version (4 bytes) :* Copyright string (64 bytes) :* Size of each digest chunk (4 bytes) :* Total number of digest chunks (4 bytes) Digests :Contains a variable number of digests, each containing a 16-byte MD5 value for each 128KB chunk of the CD-ROM. The first chunk to be checked also contains the Master Directory Block of the CD-ROM. This step appears to be intended to defeat conventional attempts to modify the disc's contents after it has been authenticated by Apple. Padding :15 bytes that can contain any value. Size value of "Signature" portion :A 1-byte value contains "45", the byte length of signatures found in PippinAuthenticationFiles. "Signature" portion * Padding (3 bytes) RSA-encrypted signature :* 16-bit word with a value of "1" (2 bytes) :* Padding with repeating values of "$FF" (8 bytes) :* Value of zero to mark boundary (1 byte) :* "3020300C06082A864886F70D02" (13 bytes) :* Value of "05" to mark boundary (1 byte) :* "05000410" (4 bytes) :* MD5 hash value of the above "MESSAGE" (16 bytes) Padding :File is padded to a 512-byte increment. Verification process :See: Pippin authentication: Disc authentication process An MD5 hashing algorithm is used to digest the "message" portion of the file and a RSA cryptosystem public key is used to decrypt the "signature" portion, after which the results are compared to find a match. A failure at any stage would cause the Pippin console to eject the disc before completing the boot process. Some unauthenticated Pippin titles do not contain a PippinAuthenticationFile, which are unable to boot on Pippin consoles with standard consumer ROMs. A console with a developer ROM or an authentication dongle would be required to boot from such a disc.Exploring the Pippin ROM(s) by Keith Kaisershot, Blitter.net. 2018-06-07.Demystifying the Bandai Pippin Developer Dongle, Peter Wong. 2010-04-29.Dongle Rumor by Kankoba, Maison PiPPiN. Archived 2009-08-05. However, Apple's private RSA key was discovered by Keith Kaisershot in May 2019, opening the possibility of homebrewing of unofficial Pippin titles. This was confirmed when Kaisershot created a utility to get a previously unsigned copy of The Journeyman Project: Pegasus Prime to boot on standard Pippin @WORLD console.Pippin custom boot disc proof-of-concept by Keith Kaisershot, YouTube. 2019-05-20. He later released Pippin Kickstart to allow other users to bypass authentication on standard consoles.Exploring the Pippin ROM(s), part 9: Kickstart by Keith Kaisershot, Blitter.net. 2019-07-01. References External links *Exploring the Pippin ROM(s), part 2, 3, 4, 5, 8 at Blitter.net (2018-06-10 ~ 09-24) *La Pippin bientôt hackée ? at Le Journal du Lapin (French, 2019-02-24) Category:Technology